Unexpected Security Weakness Found in Android

For many security techniques, data is protected not because it is impossible to access, but because accessing it is very, very difficult. At least that is what people believe until someone finds a quick way to get the information. Researchers at the Georgia Institute of Technology have done just that by identifying a method to access memory address information that many expect to be protected.

Address Space Layout Randomization (ASLR) exists to randomize the memory layout of programs, in order to keep someone from learning or inferring anything from that layout. In the name of performance optimization, though, some programming languages use hash tables that store address information or can reveal it through repeated scans. The researchers are going to demonstrate this with JavaScript in Safari at the upcoming Black Hat conference.

The researchers are also going to demonstrate weaknesses in the Android Zygote system, which is meant to accelerate application launches. It has the side effect of giving applications largely identical memory layouts, so the expected effort required to defeat ASLR when attacking these apps is greatly reduced. This issue will be demonstrated in Google Chrome and VLC Media Player at Black Hat as well.
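
One way to measure the layout sharing described above, as an added example that is not from the researchers' work: it parses `/proc/<pid>/maps` text from two processes and reports how many of their common modules sit at the same base address. The sample maps, paths and function names are constructed for illustration.

```python
import re

# /proc/<pid>/maps line: start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-[0-9a-f]+\s+\S{4}\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$")

def module_bases(maps_text):
    """Return {path: lowest start address} for file-backed mappings."""
    bases = {}
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        start, path = int(m.group(1), 16), m.group(2).strip()
        if not path.startswith("/"):  # skip [stack], [heap], anonymous
            continue
        bases[path] = min(start, bases.get(path, start))
    return bases

def layout_overlap(maps_a, maps_b):
    """Modules mapped in both processes, and those at identical bases."""
    a, b = module_bases(maps_a), module_bases(maps_b)
    common = sorted(set(a) & set(b))
    same = [p for p in common if a[p] == b[p]]
    ratio = len(same) / len(common) if common else 0.0
    return same, common, ratio

# Constructed sample maps (illustrative, not captured from a device).
APP_ONE = """\
70a1b000-70c4f000 r-xp 00000000 fd:00 1201 /system/lib64/libc.so
70c4f000-70c55000 rw-p 000b4000 fd:00 1201 /system/lib64/libc.so
7134a000-71502000 r-xp 00000000 fd:00 1310 /system/lib64/libart.so
7f2c1000-7f2e9000 r-xp 00000000 fd:01 88 /data/app/example.one/libone.so
7ffd1000-7fff2000 rw-p 00000000 00:00 0 [stack]
"""
APP_TWO = """\
70a1b000-70c4f000 r-xp 00000000 fd:00 1201 /system/lib64/libc.so
7134a000-71502000 r-xp 00000000 fd:00 1310 /system/lib64/libart.so
7e90a000-7e93c000 r-xp 00000000 fd:01 97 /data/app/example.two/libtwo.so
"""
NATIVE_PROC = """\
6c3f2000-6c626000 r-xp 00000000 fd:00 1201 /system/lib64/libc.so
"""

if __name__ == "__main__":
    for name, other in (("APP_TWO", APP_TWO), ("NATIVE_PROC", NATIVE_PROC)):
        same, common, ratio = layout_overlap(APP_ONE, other)
        print(f"APP_ONE vs {name}: {len(same)}/{len(common)} same base")
```

A ratio near 1.0 between unrelated apps means an address learned in one process is valid in the other, which is the reduction in ASLR's protection the article describes.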